From: Daan De Meyer Date: Sat, 20 Apr 2024 20:33:01 +0000 (+0200) Subject: Configure journal-remote limits properly X-Git-Tag: v23.1~103^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=843fb7cc47cf04a690cd32be8aacc553c05ce06e;p=thirdparty%2Fmkosi.git Configure journal-remote limits properly Let's make sure the limits are configured so we can always write at least 4G of logs. We also enable compact mode again in all cases to reduce the size used by journal files as for example Github Actions machines aren't exactly swimming in free space. (We pick 4G because that's the max journal file size when the compact mode is used) (We'll probably have to revisit this again at some point but for now this should do the trick) --- diff --git a/mkosi/qemu.py b/mkosi/qemu.py index 9b87dc175..f663917b8 100644 --- a/mkosi/qemu.py +++ b/mkosi/qemu.py @@ -18,6 +18,7 @@ import struct import subprocess import sys import tempfile +import textwrap import uuid from collections.abc import Iterator, Sequence from pathlib import Path @@ -430,31 +431,49 @@ def start_journal_remote(config: Config, sockfd: int) -> Iterator[None]: run(["chattr", "+C", d], check=False, stderr=subprocess.DEVNULL if not ARG_DEBUG.get() else None) INVOKING_USER.chown(d) - with spawn( - [ - bin, - "--output", config.forward_journal, - "--split-mode", "none" if config.forward_journal.suffix == ".journal" else "host", - ], - pass_fds=(sockfd,), - sandbox=config.sandbox( - binary=bin, - mounts=[Mount(config.forward_journal.parent, config.forward_journal.parent)], - ), - user=config.forward_journal.parent.stat().st_uid if INVOKING_USER.invoked_as_root else None, - group=config.forward_journal.parent.stat().st_gid if INVOKING_USER.invoked_as_root else None, - # If all logs go into a single file, disable compact mode to allow for journal files exceeding 4G. - env={"SYSTEMD_JOURNAL_COMPACT": "0" if config.forward_journal.suffix == ".journal" else "1"}, - foreground=False, - ) as (proc, innerpid): - allocate_scope( - config, - name=f"mkosi-journal-remote-{config.machine_or_name()}", - pid=innerpid, - description=f"mkosi systemd-journal-remote for {config.machine_or_name()}", + with tempfile.NamedTemporaryFile(mode="w", prefix="mkosi-journal-remote-config") as f: + # Make sure we capture all the logs by bumping the limits. We set MaxFileSize=4G because with the compact mode + # enabled the files cannot grow any larger anyway. + f.write( + textwrap.dedent( + f"""\ + [Remote] + MaxUse=1T + KeepFree=1G + MaxFileSize=4G + MaxFiles={1 if config.forward_journal.suffix == ".journal" else 100} + """ + ) ) - yield - kill(proc, innerpid, signal.SIGTERM) + + f.flush() + + with spawn( + [ + bin, + "--output", config.forward_journal, + "--split-mode", "none" if config.forward_journal.suffix == ".journal" else "host", + ], + pass_fds=(sockfd,), + sandbox=config.sandbox( + binary=bin, + mounts=[ + Mount(config.forward_journal.parent, config.forward_journal.parent), + Mount(f.name, "/etc/systemd/journal-remote.conf"), + ], + ), + user=config.forward_journal.parent.stat().st_uid if INVOKING_USER.invoked_as_root else None, + group=config.forward_journal.parent.stat().st_gid if INVOKING_USER.invoked_as_root else None, + foreground=False, + ) as (proc, innerpid): + allocate_scope( + config, + name=f"mkosi-journal-remote-{config.machine_or_name()}", + pid=innerpid, + description=f"mkosi systemd-journal-remote for {config.machine_or_name()}", + ) + yield + kill(proc, innerpid, signal.SIGTERM) diff --git a/mkosi/resources/mkosi.md b/mkosi/resources/mkosi.md index 74303d4cf..b4c91e434 100644 --- a/mkosi/resources/mkosi.md +++ b/mkosi/resources/mkosi.md @@ -1916,6 +1916,11 @@ boolean argument: either `1`, `yes`, or `true` to enable, or `0`, `no`, : Note that systemd v256 or newer is required in the virtual machine for log forwarding to work. +: Note that if a path with the `.journal` extension is given, the + journal size is limited to `4G`. Configure an output directory instead + of file if your workload produces more than `4G` worth of journal + data. + ## Specifiers The current value of various settings can be accessed when parsing